comparison ajax.php @ 66:230aacc22cb4
Move some functions to site lib.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sat, 05 Oct 2013 17:59:24 +0300 |
parents | e85ed35585fc |
children | 699f6db022d9 |
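--- a/ajax.php
+++ b/ajax.php
@@ -32,37 +32,10 @@
 {
 return "<input type=\"submit\" value=\" Save \" />\n";
 }
 
 
-function setStatus($val, $msg)
-{
-global $statusSet;
-if (!$statusSet)
-{
-header("Status: ".$val." ".$msg);
-}
-$statusSet = TRUE;
-}
-
-
-function execSQLCond($sql, $okmsg)
-{
-if (($res = stExecSQL($sql)) !== FALSE)
-{
-if ($okmsg != "")
-setStatus(200, $okmsg);
-return $res;
-}
-else
-{
-setStatus(900, "Error in SQL execution.");
-return FALSE;
-}
-}
-
-
 // XMLHttp responses
 $action = "ERROR";
 if (stChkRequestItem("action") && stChkRequestItem("type"))
 {
 $action = $_REQUEST["action"];
@@ -74,11 +47,11 @@
 {
 case "dump":
 //
 // Perform generic data dump
 //
-if (($res = execSQLCond(
+if (($res = stExecSQLCond(
 "SELECT * FROM attendees WHERE email NOT NULL AND email != '' ORDER BY regtime DESC",
 "Dump OK.")) !== FALSE)
 {
 $out1 = array();
 $out2 = array();
@@ -205,11 +178,11 @@
 }
 
 //
 // Perform query if we need to, output results
 //
-if (isset($sql) && ($res = execSQLCond($sql, "")) !== FALSE)
+if (isset($sql) && ($res = stExecSQLCond($sql, "")) !== FALSE)
 {
 if ($type == "news")
 {
 foreach ($res as $item)
 {
@@ -292,35 +265,35 @@
 $id = intval(stGetRequestItem("id"));
 
 if ($type == "news")
 {
 $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id);
-execSQLCond($sql, "OK, news item ".$id." deleted.");
+stExecSQLCond($sql, "OK, news item ".$id." deleted.");
 }
 else
 if ($type == "attendees")
 {
 // Attendees require some more work
 $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id);
-execSQLCond($sql, "OK, attendee ".$id." deleted.");
+stExecSQLCond($sql, "OK, attendee ".$id." deleted.");
 
 $sql = stPrepareSQL("DELETE FROM votes WHERE voter_id=%d", $id);
-execSQLCond($sql, "OK, attendee ".$id." votes deleted.");
+stExecSQLCond($sql, "OK, attendee ".$id." votes deleted.");
 }
 else
 if ($type == "entries")
 {
 // .. as do compo entries
 $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id);
-execSQLCond($sql, "OK, entry ".$id." deleted.");
+stExecSQLCond($sql, "OK, entry ".$id." deleted.");
 
 $sql = stPrepareSQL("DELETE FROM votes WHERE entry_id=%d", $id);
-execSQLCond($sql, "OK, entry ".$id." votes deleted.");
+stExecSQLCond($sql, "OK, entry ".$id." votes deleted.");
 }
 }
 else
-setStatus(901, "No ID specified.");
+stSetStatus(901, "No ID specified.");
 break;
 
 case "add":
 //
 // Add new entry
@@ -330,45 +303,45 @@
 {
 $sql = stPrepareSQL(
 "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)",
 time(), "title", "text", "author");
 
-execSQLCond($sql, "OK, news item added.");
+stExecSQLCond($sql, "OK, news item added.");
 }
 else
 if ($type == "compo" && stChkRequestItem("name") &&
 stChkRequestItem("description"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO compos (name,description,visible,voting,showAuthors) VALUES (%S,%Q,0,0,0)",
 "name", "description");
 
-execSQLCond($sql, "OK, compo added.");
+stExecSQLCond($sql, "OK, compo added.");
 }
 else
 if ($type == "attendees" && stChkRequestItem("name") &&
 stChkRequestItem("groups") && stChkRequestItem("email") &&
 stChkRequestItem("oneliner"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO attendees (regtime,name,groups,oneliner,email) VALUES (%d,%S,%S,%S,%S)",
 time(), "name", "groups", "oneliner", "email");
 
-execSQLCond($sql, "OK, attendee added.");
+stExecSQLCond($sql, "OK, attendee added.");
 }
 else
 if ($type == "entry" && stChkRequestItem("name") &&
 stChkRequestItem("author") && stChkRequestItem("compo_id"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO entries (name,author,compo_id,filename) VALUES (%S,%S,%D,%S)",
 "name", "author", "compo_id", "filename");
 
-execSQLCond($sql, "OK, entry added.");
+stExecSQLCond($sql, "OK, entry added.");
 }
 else
-setStatus(902, "No data.");
+stSetStatus(902, "No data.");
 break;
 
 case "update":
 //
 // Update existing entry
@@ -383,11 +356,11 @@
 "email" => "S",
 "oneliner" => "S",
 "active" => "B",
 ));
 
-execSQLCond($sql, "OK, attendee updated.");
+stExecSQLCond($sql, "OK, attendee updated.");
 }
 else
 if ($type == "news" && stChkRequestItem("id") &&
 stChkRequestItem("text") && stChkRequestItem("author") &&
 stChkRequestItem("title"))
@@ -398,11 +371,11 @@
 "title" => "S",
 "text" => "Q",
 "author" => "S"
 ));
 
-execSQLCond($sql, "OK, news item updated.");
+stExecSQLCond($sql, "OK, news item updated.");
 }
 else
 if ($type == "compo" && stChkRequestItem("id") &&
 stChkRequestItem("name") && stChkRequestItem("description") &&
 stChkRequestItem("visible") && stChkRequestItem("voting") &&
@@ -416,11 +389,11 @@
 "visible" => "B",
 "voting" => "B",
 "showAuthors" => "B",
 ));
 
-execSQLCond($sql, "OK, compo updated.");
+stExecSQLCond($sql, "OK, compo updated.");
 }
 else
 if ($type == "entry" && stChkRequestItem("id") &&
 stChkRequestItem("name") && stChkRequestItem("author") &&
 stChkRequestItem("compo_id"))
@@ -432,11 +405,11 @@
 "author" => "S",
 "filename" => "S",
 "compo_id" => "D",
 ));
 
-execSQLCond($sql, "OK, entry updated.");
+stExecSQLCond($sql, "OK, entry updated.");
 }
 else
 if ($type == "settings")
 {
 foreach (stExecSQL("SELECT * FROM settings") as $item)
@@ -450,18 +423,18 @@
 case VT_STR: $vsql = stPrepareSQL("vstr=%s", $val); break;
 case VT_TEXT: $vsql = stPrepareSQL("vtext=%s", $val); break;
 }
 
 $sql = "UPDATE settings SET ".$vsql." WHERE key=".$db->quote($item["key"]);
-execSQLCond($sql, "OK, setting updated.");
+stExecSQLCond($sql, "OK, setting updated.");
 }
 }
 else
-setStatus(902, "No data.");
+stSetStatus(902, "No data.");
 break;
 
 default:
-setStatus(404, "Not Found");
+stSetStatus(404, "Not Found");
 break;
 }
 
 ?>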
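Review bot: In the `attendees` and `entries` delete branches the first `stExecSQLCond()` call already reports `200 OK, ... deleted.`, so a failure of the following `DELETE FROM votes` never reaches the client: the removed `setStatus()` emits only the first status it is given, and I assume `stSetStatus()` in the site lib keeps that first-wins behaviour (the lib side of the move is not in this section). The parent row is then gone while its votes remain, and the caller is told the operation succeeded. Pass an empty OK message to the first delete and run the second only when it succeeded, e.g. `if (stExecSQLCond($sql, "") !== FALSE)` around the votes delete with `"OK, attendee ".$id." and votes deleted."` as its message; wrapping the pair in a transaction would also keep the two tables consistent, if the database layer offers one. The `switch` these branches belong to starts outside the shown lines.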